Lucene search

[email protected]CVE-2007-1914

HistoryApr 10, 2007 - 11:19 p.m.

CVE-2007-1914

2007-04-1023:19:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2007-1914

sap

rfc library

remote attack

information disclosure

vulnerability

6.3 Medium

AI Score

Confidence

Low

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

0.015 Low

EPSS

Percentile

86.9%

JSON

The RFC_START_PROGRAM function in the SAP RFC Library 6.40 and 7.00 before 20061211 allows remote attackers to obtain sensitive information (external RFC server configuration data) via unspecified vectors, a different vulnerability than CVE-2006-6010. NOTE: This information is based upon a vague initial disclosure. Details will be updated after the grace period has ended.

CPENameOperatorVersion
sap:rfc_librarysap rfc libraryeq6.4
sap:rfc_librarysap rfc libraryeq7.0

CPE	Name	Operator	Version
sap:rfc_library	sap rfc library	eq	6.4
sap:rfc_library	sap rfc library	eq	7.0

References

secunia.com/advisories/24722

securityreason.com/securityalert/2538

www.cybsec.com/vuln/CYBSEC-Security_Advisory_SAP_RFC_START_PROGRAM_RFC_Function_Multiple_Vulnerabilities.pdf

www.securityfocus.com/archive/1/464678/100/0/threaded

www.securityfocus.com/bid/23313

www.vupen.com/english/advisories/2007/1270

exchange.xforce.ibmcloud.com/vulnerabilities/33422

6.3 Medium

AI Score

Confidence

Low

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

0.015 Low

EPSS

Percentile

86.9%

JSON

Related for CVE-2007-1914

prion2 securityvulns1 cve2